package net.xxcl.zcgl.interceptor;

import net.xxcl.zcgl.mapper.ActionMapper;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.util.ArrayList;
import java.util.List;

/**
 * User: 夏汛
 * Date: 12-1-18
 * Time: 下午10:17
 */
@Service
public class AuthInterceptor implements HandlerInterceptor{

    @Autowired
    private ActionMapper actionMapper;

    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object o) throws Exception {
        String requestURI = request.getRequestURI();
        System.out.println(requestURI);
        //如果是登录请求不继续验证权限
        if(requestURI.equals("/user/login.do") || requestURI.equals("/student/login.do")){
            return true;
        }
        return true;
//        if(request.getSession().getAttribute("user")==null){
//            request.getRequestDispatcher("/commons/noAuth.jsp").forward(request,response);
//            return false;
//        } else if(request.getSession().getAttribute("roles")==null){
//            //session存在user，不存在roles则为学生
//            ServletContext sct = request.getSession().getServletContext();
//            List<String> studentActions = new ArrayList<String>();
//            if(sct.getAttribute("studentActions")==null){
//                //因学生能够做的操作不多，且不需要动态分配权限，此处硬编码实现权限控制，并保存到application对象
//                studentActions.add("paper/getPaperforKs.do");
//                studentActions.add("ks/startKs.do");
//                studentActions.add("ks/saveAnswer.do");
//                studentActions.add("score/submitPaper.do");
//                studentActions.add("ks/uploadResult.do");
//                studentActions.add("ks/end.do");
//                studentActions.add("ks/downloadFile.do");
//                studentActions.add("paper/getPaperforLook.do");
//                sct.setAttribute("studentActions",studentActions);
//            } else {
//                //若已经保存到application对象，读取出来
//                studentActions = (List<String>)sct.getAttribute("studentActions");
//            }
//            for(String allowURI:studentActions){
//                if(allowURI.equals(requestURI)){
//                    return true;
//                }
//            }
//            request.getRequestDispatcher("/commons/noAuth.jsp").forward(request,response);
//            return false;
//        } else {
//            //存在为管理员或教师
//            List<Integer> roles = (List<Integer>)request.getSession().getAttribute("roles");
//            Criteria criteria = new Criteria();
//            criteria.put("roles",roles);
//            criteria.put("action",requestURI);
//            List<Action> actions = actionMapper.userAuthUrl(criteria);
//            return true;
//        }
    }

    @Override
    public void postHandle(HttpServletRequest request, HttpServletResponse response, Object o, ModelAndView modelAndView) throws Exception {

    }

    @Override
    public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object o, Exception e) throws Exception {

    }
}
